AES-Crypto

A simple Android class for encrypting & decrypting strings, aiming to avoid the classic mistakes that most such classes suffer from.

License

License

GroupId

GroupId

com.scottyab
ArtifactId

ArtifactId

aes-crypto
Last Version

Last Version

0.0.5
Release Date

Release Date

Type

Type

aar
Description

Description

AES-Crypto
A simple Android class for encrypting & decrypting strings, aiming to avoid the classic mistakes that most such classes suffer from.
Project URL

Project URL

https://github.com/scottyab/java-aes-crypto.git
Source Code Management

Source Code Management

https://github.com/scottyab/java-aes-crypto.git

Download aes-crypto

How to add to project

<!-- https://jarcasting.com/artifacts/com.scottyab/aes-crypto/ -->
<dependency>
    <groupId>com.scottyab</groupId>
    <artifactId>aes-crypto</artifactId>
    <version>0.0.5</version>
    <type>aar</type>
</dependency>
// https://jarcasting.com/artifacts/com.scottyab/aes-crypto/
implementation 'com.scottyab:aes-crypto:0.0.5'
// https://jarcasting.com/artifacts/com.scottyab/aes-crypto/
implementation ("com.scottyab:aes-crypto:0.0.5")
'com.scottyab:aes-crypto:aar:0.0.5'
<dependency org="com.scottyab" name="aes-crypto" rev="0.0.5">
  <artifact name="aes-crypto" type="aar" />
</dependency>
@Grapes(
@Grab(group='com.scottyab', module='aes-crypto', version='0.0.5')
)
libraryDependencies += "com.scottyab" % "aes-crypto" % "0.0.5"
[com.scottyab/aes-crypto "0.0.5"]

Dependencies

There are no dependencies for this project. It is a standalone project that does not depend on any other jars.

Project Modules

There are no modules declared in this project.

java-aes-crypto

** NOTE: this fork has diverged from original and is publishing to maven central under groupId com.scottyab **

A simple Android class for encrypting & decrypting strings, aiming to avoid serious cryptographic errors that most such classes suffer from. Show me the code

Features

Here are the features of this class. We believe that these properties are consistent with what a lot of people are looking for when encrypting Strings in Android.

  • Works for strings: It should encrypt arbitrary strings or byte arrays. This means it needs to effectively handle multiple blocks (CBC) and partial blocks (padding). It consistently serializes and deserializes ciphertext, IVs, and key material using base64 to make it easy to store.
  • Algorithm & Mode: We chose: AES 128, CBC, and PKCS5 padding. We would have picked GCM for its built-in integrity checking, but that's only available since Android Jelly Bean.
  • IV Handling: We securely generate a random IV before each encryption and provide a simple class to keep the IV and ciphertext together so they're easy to keep track of and store. We set the IV and then request it back from the Cipher class for compatibility across various Android versions.
  • Key generation: Random key generation with the updated generation code recommended for Android. If you want password-based keys, we provide functions to salt and generate them.
  • Integrity: Lots of people think AES has integrity checking built in. The thinking goes, "if it decrypts correctly, it was generated by the person with the private key". Actually, AES CBC allows an attacker to modify the messages. Therefore, we've also added integrity checking in the form of a SHA 256 hash.

How to include in project?

Copy and paste

It's a single very simple java class, AesCbcWithIntegrity.java that works across most or all versions of Android. The class should be easy to paste into an existing codebase.

Android Library project

The library is in Android library project format so you can clone this project and add as a library module/project.

Maven Dependency

We've also published the library AAR file via Jitpack for simple gradle dependency management:

Add the dependency to your project's build.gradle:

dependencies {
    compile 'com.scottyab:aes-crypto:0.0.5'
    }

Examples

Generate new key

  AesCbcWithIntegrity.SecretKeys keys = AesCbcWithIntegrity.generateKey();

Encrypt

   AesCbcWithIntegrity.CipherTextIvMac cipherTextIvMac = AesCbcWithIntegrity.encrypt("some test", keys);
   //store or send to server
   String ciphertextString = cipherTextIvMac.toString();

Decrypt

  //Use the constructor to re-create the CipherTextIvMac class from the string:
  CipherTextIvMac cipherTextIvMac = new CipherTextIvMac (cipherTextString);
  String plainText = AesCbcWithIntegrity.decryptString(cipherTextIvMac, keys);

Storing Keys

Once you've generated a random key, you naturally might want to store it. This may work for some use cases, but please be aware that if you store the key in the same place that you store the encrypted data, your solution is not cryptographically sound since the attacker can just get both the key and the encrypted text. Instead, you should use either the Keystore infrastructure or consider generating the key from a passphrase and using that to encrypt the user data.

If despite the above you still want to store the key, you can convert the keys to a string using the included functions and store them in preferences or SQLite.

License

The included MIT license is compatible with open source or commercial products. Tozny also offers custom support and licensing terms if your organization has different needs. Contact us at [email protected] for more details.

Versions

Version
0.0.5
0.0.4
0.0.3
0.0.2